What is a Privacy Policy?
A Privacy Policy is a document on any/all website that tells every user how and why you’re collecting their information. It spells out how you use that data, why you use it, and if it’s shared with others. Privacy is a space that belongs to every individual and neither governments nor companies can intrude without any individual’s permission. But the users share their private information all the time: their addresses, their credit card numbers, their birthday.
A Privacy Policy is a legal document that details your company’s views and procedures on the information collected from visitors. That’s how privacy policies come into play.
LEGAL BASIS FOR A PRIVACY POLICY
- As per the Information Technology Act, 2000 (“IT Act”), “Intermediaries” are entities that store or transmit data on behalf of other persons, and include telecom and internet service providers, online marketplaces, search engines, and social media sites. Under the Information Technology (Intermediaries guidelines) Rules, 2011, the Intermediary shall publish the rules and regulations, privacy policy and user agreement for access-or usage of the Intermediary’s computer resource by any person;
- The Intermediary shall inform its users that in case of non-compliance with rules and regulations, user agreement and privacy policy for access or usage of Intermediary computer resource, the Intermediary has the right to immediately terminate the access or usage lights of the users to the computer resource of Intermediary and remove non-compliant information;
- The Intermediary shall take all reasonable measures to secure its computer resource and information contained therein following the reasonable security practices and procedures as prescribed in the Information Technology (Reasonable security practices and procedures and sensitive personal Information) Rules, 2011;
- The Intermediary shall publish on its website the name of the Grievance Officer and his contact details as well as mechanism by which users or any victim who suffers as a result of access or usage of computer resource; and
- The Intermediary shall strictly follow the provisions of the IT Act or any other laws for the time being in force.
WHAT DOES IT COVER?
A Privacy Policy should be short, clear, and thorough. A basic Privacy Policy template includes the what, when, who, why, and how of any/all data collection practices.
It covers the following:
- What information is collected;
- Where information is collected from;
- Why information is collected;
- How information is collected (including cookies and other tracking technologies);
- To whom is the information being shared with or sold; and
- What right users have over the data.
Privacy Policy can be technical/ boring to read for every user who accesses any your website. Hence, Frequently Asked Questions (“FAQs”) are a vital part of a Privacy Policy. FAQs are short version of a Privacy Policy that reflects the highlights of it. Creating an easy-to-understand FAQs list will help website visitors quickly and easily answer any questions they may have. Nevertheless, FAQs are just a part of Privacy Policy but it cannot replace the Privacy Policy.
CONCLUSION
One small action could cost you heavily in the Court of law. Thus, this method of informing users also protects you as a business because you will be able to more easily enforce the terms in your Privacy Policy document against users. Privacy Policy is a great way to show the users that you can be trusted.
The content of this article is intended to provide general guidance on the subject matter. Specialist advice should be sought about your specific circumstances.
Key words: Privacy, Data Privacy, FAQs.
